Then a man named Yul Kwon came to the rescue saying that the
growth team had come up with a solution! Thanks to poor Android
permission design at the time, there was a way to update the
Facebook app to get “Read Call Log” permission without actually
asking for it. “Based on their initial testing, it seems that this
would allow us to upgrade users without subjecting them to an
Android permissions dialog at all,” Kwon is quoted. “It would
still be a breaking change, so users would have to click to
upgrade, but no permissions dialog screen. They’re trying to
finish testing by tomorrow to see if the behavior holds true
across different versions of Android.”

Oh yay! Facebook could suck more data from users without scaring
them by telling them it was doing it! This is a little surprising
coming from Yul Kwon because he is Facebook’s chief ‘privacy
sherpa,’ who is supposed to make sure that new products coming out
of Facebook are privacy-compliant. I know because I profiled
him, in a piece that happened to come out the same day as this
email was sent. A member of his team told me their job was to make
sure that the things they’re working on “not show up on the front
page of the New York Times” because of a privacy blow-up. And I
guess that was technically true, though it would be more
reassuring if they tried to make sure Facebook didn’t do the
creepy things that led to privacy blow-ups rather than keeping
users from knowing about the creepy things.

The Facebook executives who approved this ought to be going to jail. Facebook is to privacy what Enron was to accounting.